Strange bug in the TLS application protocol with PSK
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Oct 27 15:11:36 CET 2009
I'm quite intrigued... How did you manage to do that? Do you use
custom push and pull functions?
regards,
Nikos
On Tue, Oct 27, 2009 at 3:06 PM, Vladimir Estis <techdisser at gmail.com> wrote:
> Hi Nikos,
>
> Thanks for your answer. I've solved this problem. It was my error. I've
> reset IV for cipher after every message. But TLS uses the last cipher block
> of record as the CBC IV for next block. Thus, IV for first block of every
> new message was lost, and I wasn't able to decrypt the first cipher block of
> message. Now I call update() function instead of doFinal() and GNUTLS works
> fine.
>
> Thank you again,
> regards, Vlad.
>
> 2009/10/27 Nikos Mavrogiannopoulos <nmav at gnutls.org>
>>
>> If you think this is a gnutls bug please send an example program that
>> reproduces this bug.
>>
>> regards,
>> Nikos
>>
>> On Tue, Oct 27, 2009 at 10:09 AM, Vladimir Estis <techdisser at gmail.com>
>> wrote:
>> > Hello,
>> >
>> > I've used GNUTLS for testing of the TLS with the PSK cipher suite
>> > (TLS_PSK_WITH_3DES_EDE_CBC_SHA). But I've faced a problem with PSK kind
>> > of
>> > authentication in the gnutls-cli. I see that handshake was successfully
>> > done. But then I tried to send part of application data, and I found
>> > that
>> > first cipher block (8 bytes) was corrupted. I think, GNUTLS calculates
>> > checksum for application data, injures first block and then do ciphering
>> > across all data. I think this is bug in GNUTLS, but I couldn't find any
>> > discussion at the forums about this fact.
>> >
>> > Has anyone else encountered this behaviour of the GNUTLS?
>> > Thanks very much in advance for any help!
>> >
>> > With best regards, Vlad.
>> >
>> > _______________________________________________
>> > Help-gnutls mailing list
>> > Help-gnutls at gnu.org
>> > http://lists.gnu.org/mailman/listinfo/help-gnutls
>> >
>> >
>
>
More information about the Gnutls-help
mailing list